the old is new again

Nearly a year after announcing it at last June’s WWDC, Apple has finally released the white iPhone 4 (starting tomorrow of course). Why did it take so long? Speculation in the tech world has ranged from a faulty antenna or camera sensor problems to outright greed and conspiracy. Well, Steve Jobs talked to Mobilized and finally spilled the beans. Seems that white iPhones, like white humans, need more UV protection from the sun. I’m not sure that answer makes sense to me, but I’m not a phone manufacturer. At any rate, you can buy one tomorrow.

thoughts on locationgate

Just in case you missed the biggest tech story of the last week, covered by everyone from Engadget to CNN:

About a week ago, some researchers found that the iPhone, while running iOS 4, collected a permanent and unencrypted record of its general location that backed up to the user’s computer and was basically impossible to stop or remove. Even with location services turned off, which is an option, the iPhone continued to collect this data and store it indefinitely. There was no evidence that Apple received this data or could track your iPhone in any way, but it was possible for someone with physical access to your phone or computer to get a rough picture of where you had been for the last year. The data did not extend past one year since previous versions of iOS, which was updated last June, did not do this.

This was by no means news to those working in iPhone security, and others had discovered this file long ago. But this was the first time it made its way into popular media. Needless to say, the press pounced on the story, and speculation ran rampant. Did Apple sell this information? Was your every move being tracked by Steve Jobs? Inquiring minds wanted to know. Even Congress demanded that Apple and Google answer for their behavior.

Publicly, Apple has mentioned its commitment to privacy many times, most specifically at last year’s D8. The company’s stance has always been something along the lines of “we don’t collect anything beyond anonymous location data, and we don’t collect anything at all unless you give permission.” The recent discovery of the location log obviously contradicts this official position, mostly since it impossible for the user to opt out.

In response, a press release from Apple addressed this discrepancy today, and pledged to correct the problem within the next few weeks.

Some key points:

1. Why is Apple tracking the location of my iPhone?
Apple is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so.

3. Why is my iPhone logging my location?
The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away[…] Calculating a phone’s location using just GPS satellite data can take up to several minutes. iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites[…] These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple.

5. Can Apple locate me based on my geo-tagged Wi-Fi hotspot and cell tower data?
No. This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data.

7. When I turn off Location Services, why does my iPhone sometimes continue updating its Wi-Fi and cell tower data from Apple’s crowd-sourced database?
It shouldn’t. This is a bug, which we plan to fix shortly.

Software Update
Sometime in the next few weeks Apple will release a free iOS software update that:

    • reduces the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone,
    • ceases backing up this cache, and
    • deletes this cache entirely when Location Services is turned off.

In the next major iOS software release the cache will also be encrypted on the iPhone.

For the complete list of questions and answers, click the link above to read for yourself. This release is important for a number of reasons. First, it shows Apple is still concerned about user privacy, or at the very least the public’s perception. The company waited much longer to resolve Antennagate last summer because it didn’t see it as a problem unique to Apple or something that affected most customers. This time, they responded in a week and admitted total responsibility for the undesired behavior.

Second, it stops the ridiculous cries of “Apple is tracking you!” from the media. No one is tracking your iPhone, but they are tracking everyone’s iPhones. See the difference? Apple sold 18.65 million iPhones in the last quarter alone, and even more during the holiday quarter. I personally don’t mind if Apple knows the rough location of its tens of millions of iPhones, as long as I can’t be identified as the owner of any particular phone. Apple includes no unique signature with its GPS data, so there’s no way for anyone to know which iPhone is yours. And if you opted out of location data in the first place, your iPhone still collects the data but doesn’t send it to Apple.

Personally, I couldn’t care less if my iPhone collected GPS data and sent it to Apple. Notice that I do not call it “my GPS data,” because it isn’t. It’s simply the rough history of an iPhone that I carry. From Apple’s database, that location information is in no way identifiable as belonging to me, or even my specific phone. The only way someone can know where I have been is to steal my phone or the computer I connect it to. And if someone steals either of those, I have much bigger problems, like my missing personal files, calendar info, address book, and email.

Even this is unacceptable though, since the iPhone clearly does not need a whole year’s worth of data, and it is unencrypted by default. John Gruber first hypothesized that this was simply a bug, and Apple confirmed that today. When the next software update arrives, the data will be protected and be reduced to 7 days. Also, the phone will no longer record data if you decline location services.

It’s worth noting that according to the Wall Street Journal, Google’s Android, which escaped unscathed from this scandal, also stores data in a similar way:

In the case of Google, according to new research by security analyst Samy Kamkar, an HTC Android phone collected its location every few seconds and transmitted the data to Google at least several times an hour. It also transmitted the name, location and signal strength of any nearby Wi-Fi networks, as well as a unique phone identifier.

To me, this is much worse, thanks to that last mention of a “unique phone identifier.” That means Google, or anyone else with access to the data, can tie that location directly to you. Given Android’s penchant for giving location data to advertisers, this is much scarier. Apple, while taking the brunt of heat from the media, stores only anonymous data. However, Android does not store this data permanently, which is good. Apple also deleted it until iOS 4 was released in June, and will be once again after the next update.

I’m satisfied by the prompt (for the business world) response by Apple PR, but apparently that wasn’t enough for the company. None other than Steve Jobs, joined by Phil Schiller and Scott Forstall, gave an interview to Mobilized today that reiterates Apple’s policy to preserve user privacy.

“We haven’t been tracking anyone,” Jobs said in a telephone interview with Mobilized on Wednesday. “The files they found on these phones, as we explained, it turned out were basically files we have built through anonymous, crowdsourced information that we collect from the tens of millions of iPhones out there.”

Jobs also said Apple would be happy to testify before Congress in response to Senator Franken’s request, lending further credibility to his rhetoric.

The ultimate test will come with the next iOS update, when the tech world will eagerly test Apple’s promises and inflame once again if anything is amiss. Until then, the only thing to do is take Apple at its word. Guard your phone and computer from unfriendly hands, and encrypt your iTunes backups if you feel so inclined. That will prevent anyone from determining your location until the fix arrives.

EDIT: The update has landed, even faster than Apple promised. It does indeed reduce the size of the location database and deletes it if you turn off location services. Go get it!

Michael Vick, animal rights activist

In a rather ironic and frankly unconvincing attempt to improve his public image, Michael Vick spoke out against a dog-fighting game for Android. Unsurprisingly, animal rights groups, including the Humane Society, immediately protested Dog Wars, in which players must fight an opponent to the death.

While I’m not sure Vick is protesting because he actually despises dog fighting, it had the right effect. The game has now been pulled by Google. It’s good to see the Android Market getting similar quality control as the App Store, and I only hope that its rampant pirated soundboard and ringtone apps are removed soon as well.

TK-421 isn’t at his desk

A sneak peek at the desktop of a certain hapless Imperial stormtrooper. He probably didn’t have much of a future in the navy anyway, since nude Twi’Leks are clearly NSFW even for an evil regime.

But why does the Death Star use System 6? I know it was A Long Time Ago, but wouldn’t the Galactic Empire be the ultimate target market for Windows? The Rebel Alliance are clearly the ones “thinking different” here. Perhaps in this galaxy Microsoft lost the patent war? In that case, I could totally see Apple creating an oppressive empire led by a monomaniacal leader who dresses in black and distorts reality with his magic powers. It’s already a proven fact that they hate all Droids.

-Via Cult of Mac

life-size LEGO Space

UK designer Jonathan Robson has created a life-sized space helmet to help children learn to read. The helmet has speakers and a usb port to play audio recordings, which he makes available online. These correspond to LEGO comic books, inspired by the originals he enjoyed reading as a child. While I’m not convinced that shutting kids in an isolated aural space with an audiobook is the best way to learn to read, I do think kids would enjoy it for short amounts of time. I love the helmet’s design too – I can’t tell you how many times I’ve squinted through a tiny LEGO visor to see what life looks like through trans-colored plastic. Without the audio capability, this would still be a great role-playing toy for kids. LEGO should definitely release a line of prop helmets to match the weapons they already make. (But only the regular themes, since Bionicle masks and shoes failed to catch on years ago.)

-Via Engadget


This hits me like a ton of bricks. In a good, inspirational way. But still a ton of bricks. Read it and you’ll understand.

– via Minimal Mac

Happy Easter!

Yep, I did it again. schfio is fast becoming my favorite holiday builder, and he doesn’t disappoint with his new Easter photo set. I don’t think anyone is better at making adorably “fuzzy” animals out of LEGO bricks, and his particular talent for spherical construction lends itself well to eggs. I can’t wait for the other holidays now, just to see what he makes.

toddlers and the iPad

I just uncovered this older post from Cult of Mac in my Instapaper queue, but it’s worth a mention. The computing world is getting ready for a massive paradigm shift, and these kids will look back on the models of today with disbelief. Wires? Mice? It’s truly exciting to think where this is all headed.